Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
CSOonline

New phishing campaign hijacks clipboard via fake CAPTCHA for malware delivery

A new wave of browser-based phishing tricks unsuspecting users into copy-pasting malicious commands into their systems, all while believing they’re completing a legitimate CAPTCHA verification.
GitHub

midi-to-game-instruments

This application converts midi messages to keyboard key presses. I've primarily made this to be able to play GuildWars2 Instruments with a midi keyboard. It also provides some additional tools, like ...
GitHub

A WiFi enabled USB Keylogger and Keystroke injection tool

Catch my live stream on Twitch where I play games, have just chatting sessions to talk tech, and just generally be an ordinary person who can't figure out how to make proper life decisions. The USB ...